In tests with cardiac implants in an environment meant to simulate the human body (a one-centimeter-thick layer of bacon placed on top of the implant, and four centimeters of lean ground beef below), the shield was able to completely block unauthorized communications with standard medical terminals, such as a hacker might buy secondhand from an online auction site. Even if the hacker builds his own terminal capable of transmitting a signal 100 times as powerful as the shield’s jamming broadcast, the shield can still block communications until the terminal gets within five meters of the implant. Then the shield can’t ward off attacks—but it can at least alert a patient that an attack is happening.
Although the prototype shield, built out of two off-the-shelf software radios, is cumbersome, it could be miniaturized into something that could be worn around the neck or as a bracelet. The researchers are discussing possible commercialization of the technology with one medical-device manufacturer. A problem yet to be overcome is that telecommunications regulations in the United States and elsewhere generally discourage jamming equipment. Katabi hopes the U.S. Federal Communications Commission would be flexible: “They are a relatively agile agency, and they’ve generated waivers before for medical devices to encourage innovation and solve problems,” she says.
The researchers believe that the shield may be a better alternative to building encryption directly into implants. “Imagine you have an implant with a secret decryption key,” says Katabi. “Your doctor knows the secret key, but you’re traveling and there’s an emergency and you’re taken into a foreign hospital. The doctor there doesn’t have access to the secret key.” However, with a wearable jammer, the hospital could remove the shield, allowing unencrypted access during the emergency.
Not all security researchers agree with that analysis. “There are security methods that don’t require a doctor to have the key,” says Jay Radcliffe, a security researcher who has also studied wireless attacks on implanted devices. Rather than trying to “bolt on security as an afterthought,” Radcliffe argues, the burden should fall on device manufacturers to design in security from the beginning. Still, for existing devices, Radcliffe thinks the shield could offer an interim solution.